Date: Wed, 18 Dec 2002 20:19:42 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 22503 for review Message-ID: <200212190419.gBJ4JgOK066789@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=22503 Change 22503 by rwatson@rwatson_paprika on 2002/12/18 20:18:53 First pass at system call wrappers, man page updates for _link_np() variations. Affected files ... .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl.3#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.3#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.c#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.3#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.c#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.3#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.c#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.3#2 edit .. //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.c#2 edit Differences ... ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl.3#2 (text+ko) ==== @@ -2,6 +2,8 @@ .\" Copyright (c) 2000, 2001, 2002 Robert N. M. Watson .\" All rights reserved. .\" +.\" This software was developed by Robert Watson for the TrustedBSD Project. +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -25,7 +27,7 @@ .\" .\" $FreeBSD: src/lib/libc/posix1e/acl.3,v 1.19 2002/11/08 15:01:28 rwatson Exp $ .\" -.Dd January 28, 2000 +.Dd December 18, 2002 .Dt ACL 3 .Os .Sh NAME @@ -82,8 +84,10 @@ and may be used to create an empty entry in an ACL. .It Xo .Fn acl_delete_def_file , +.Fn acl_delete_def_link_np , +.Fn acl_delete_fd_np , .Fn acl_delete_file_np , -.Fn acl_delete_fd_np +.Fn acl_delete_link_np .Xc These functions are described in .Xr acl_delete 3 , @@ -114,9 +118,10 @@ .Xr acl_get_entry 3 , and may be used to retrieve a designated ACL entry from an ACL. .It Xo +.Fn acl_get_fd , +.Fn acl_get_fd_np , .Fn acl_get_file , -.Fn acl_get_fd , -.Fn acl_get_fd_np +.Fn acl_get_link_np .Xc These functions are described in .Xr acl_get 3 , @@ -138,9 +143,10 @@ .Xr acl_init 3 , and may be used to allocate a fresh (empty) ACL structure. .It Xo +.Fn acl_set_fd , +.Fn acl_set_fd_np , .Fn acl_set_file , -.Fn acl_set_fd , -.Fn acl_set_fd_np +.Fn acl_set_link_np .Xc These functions are described in .Xr acl_set 3 , @@ -163,8 +169,9 @@ and may be used to generate a text-form of a POSIX.1e semantics ACL. .It Xo .Fn acl_valid , +.Fn acl_valid_fd_np , .Fn acl_valid_file_np , -.Fn acl_valid_fd_np +.Fn acl_valid_link_np .Xc These functions are described in .Xr acl_valid 3 , ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.3#2 (text+ko) ==== @@ -1,7 +1,9 @@ .\"- -.\" Copyright (c) 2000 Robert N. M. Watson +.\" Copyright (c) 2000, 2002 Robert N. M. Watson .\" All rights reserved. .\" +.\" This software was developed by Robert Watson for the TrustedBSD Project. +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -30,8 +32,10 @@ .Os .Sh NAME .Nm acl_delete_def_file , +.Nm acl_delete_def_link_np , .Nm acl_delete_fd_np , .Nm acl_delete_file_np +.Nm acl_delete_link_np .Nd delete an ACL from a file .Sh LIBRARY .Lb libc @@ -41,21 +45,33 @@ .Ft int .Fn acl_delete_def_file "const char *path_p" .Ft int +.Fn acl_delete_def_link_np "const char *path_p" +.Ft int +.Fn acl_delete_fd_np "int filedes" "acl_type_t type" +.Ft int .Fn acl_delete_file_np "const char *path_p" "acl_type_t type" .Ft int -.Fn acl_delete_fd_np "int filedes" "acl_type_t type" +.Fn acl_delete_link_np "const char *path_p" "acl_type_t type" .Sh DESCRIPTION The .Fn acl_delete_def_file , +.Fn acl_delete_def_link_np , +.Fn acl_delete_fd_np , .Fn acl_delete_file_np , and -.Fn acl_delete_fd_np +.Fn acl_delete_link_np each allow the deletion of an ACL from a file. .Fn acl_delete_def_file is a POSIX.1e call that deletes the default ACL from a file (normally a -directory) by name; the other two calls are non-portable extensions that -allow deleting of arbitrary ACL types from a file/directory by either path -name, or by file descriptor. +directory) by name; the remainder of the calls are non-portable extensions +that permit the deletion of arbitrary ACL types from a file/directory +either by path name or file descriptor. +The +.Fn _file +variations follow a symlink if it occurs in the last segment of the +path name; the +.Fn _linke +variations operate on the symlink itself. .Sh IMPLEMENTATION NOTES .Fx Ns 's support for POSIX.1e interfaces and features is still under @@ -118,5 +134,3 @@ and development continues. .Sh AUTHORS .An Robert N M Watson -.Sh BUGS -These features are not yet fully implemented. ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_delete.c#2 (text+ko) ==== @@ -1,7 +1,9 @@ /*- - * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson + * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson * All rights reserved. * + * This software was developed by Robert Watson for the TrustedBSD Project. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -43,7 +45,13 @@ return (__acl_delete_file(path_p, ACL_TYPE_DEFAULT)); } +int +acl_delete_def_link_np(const char *path_p) +{ + return (__acl_delete_link(path_p, ACL_TYPE_DEFAULT)); +} + int acl_delete_file_np(const char *path_p, acl_type_t type) { @@ -51,6 +59,13 @@ return (__acl_delete_file(path_p, type)); } +int +acl_delete_link_np(const char *path_p, acl_type_t type) +{ + + return (__acl_delete_link(path_p, type)); +} + int acl_delete_fd_np(int filedes, acl_type_t type) ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.3#2 (text+ko) ==== @@ -1,7 +1,9 @@ .\"- -.\" Copyright (c) 2000 Robert N. M. Watson +.\" Copyright (c) 2000, 2002 Robert N. M. Watson .\" All rights reserved. .\" +.\" This software was developed by Robert Watson for the TrustedBSD Project. +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -31,7 +33,8 @@ .Sh NAME .Nm acl_get_fd , .Nm acl_get_fd_np , -.Nm acl_get_file +.Nm acl_get_file , +.Nm acl_get_link_np .Nd get an ACL for a file .Sh LIBRARY .Lb libc @@ -39,21 +42,20 @@ .In sys/types.h .In sys/acl.h .Ft acl_t -.Fn acl_get_file "const char *path_p" "acl_type_t type" -.Ft acl_t .Fn acl_get_fd "int fd" .Ft acl_t .Fn acl_get_fd_np "int fd" "acl_type_t type" +.Ft acl_t +.Fn acl_get_file "const char *path_p" "acl_type_t type" +.Ft acl_t +.Fn acl_get_link_np "const char *path_p" "acl_type_t type" .Sh DESCRIPTION The +.Fn acl_get_fd , .Fn acl_get_file , -.Fn acl_get_fd , -and +.Fn acl_get_link_np , .Fn acl_get_fd_np each allow the retrieval of an ACL from a file. -.Fn acl_get_file -is a POSIX.1e call that allows the retrieval of a -specified type of ACL from a file by name; .Fn acl_get_fd is a POSIX.1e call that allows the retrieval of an ACL of type ACL_TYPE_ACCESS @@ -62,8 +64,16 @@ is a non-portable form of .Fn acl_get_fd that allows the retrieval of any type of ACL from a file descriptor. +.Fn acl_get_file +is a POSIX.1e call that allows the retrieval of a +specified type of ACL from a file by name; +.Fn acl_get_link_np +is a non-portable variation on +.Fn acl_get_file +which does not follow a symlink if the target of the call is a +symlink. .Pp -This function may cause memory to be allocated. The caller should free +These functions may cause memory to be allocated. The caller should free any releasable memory, when the new ACL is no longer required, by calling .Xr acl_free 3 with the @@ -135,5 +145,3 @@ and development continues. .Sh AUTHORS .An Robert N M Watson -.Sh BUGS -These features are not yet fully implemented. ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_get.c#2 (text+ko) ==== @@ -1,7 +1,9 @@ /*- - * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson + * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson * All rights reserved. * + * This software was developed by Robert Watson for the TrustedBSD Project. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -24,9 +26,11 @@ * SUCH DAMAGE. */ /* - * acl_get_file - syscall wrapper for retrieving ACL by filename * acl_get_fd - syscall wrapper for retrieving access ACL by fd * acl_get_fd_np - syscall wrapper for retrieving ACL by fd (non-POSIX) + * acl_get_file - syscall wrapper for retrieving ACL by filename + * acl_get_link_np - syscall wrapper for retrieving ACL by filename (NOFOLLOW) + * (non-POSIX) * acl_get_perm_np() checks if a permission is in the specified * permset (non-POSIX) * acl_get_permset() returns the permission set in the ACL entry @@ -66,6 +70,25 @@ } acl_t +acl_get_link_np(const char *path_p, acl_type_t type) +{ + acl_t aclp; + int error; + + aclp = acl_init(ACL_MAX_ENTRIES); + if (aclp == NULL) + return (NULL); + + error = __acl_get_link(path_p, type, &aclp->ats_acl); + if (error) { + acl_free(aclp); + return (NULL); + } + + return (aclp); +} + +acl_t acl_get_fd(int fd) { acl_t aclp; ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.3#2 (text+ko) ==== @@ -1,7 +1,9 @@ .\"- -.\" Copyright (c) 2000 Robert N. M. Watson +.\" Copyright (c) 2000, 2002 Robert N. M. Watson .\" All rights reserved. .\" +.\" This software was developed by Robert Watson for the TrustedBSD Project. +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -31,7 +33,8 @@ .Sh NAME .Nm acl_set_fd , .Nm acl_set_fd_np , -.Nm acl_set_file +.Nm acl_set_file , +.Nm acl_set_link_np .Nd set an ACL for a file .Sh LIBRARY .Lb libc @@ -39,29 +42,36 @@ .In sys/types.h .In sys/acl.h .Ft int -.Fn acl_set_file "const char *path_p" "acl_type_t type" "acl_t acl" -.Ft int .Fn acl_set_fd "int fd" "acl_t acl" .Ft int .Fn acl_set_fd_np "int fd" "acl_t acl" "acl_type_t type" +.Ft int +.Fn acl_set_file "const char *path_p" "acl_type_t type" "acl_t acl" +.Ft int +.Fn acl_set_link_np "const char *path_p" "acl_type_t type" "acl_t acl" .Sh DESCRIPTION The +.Fn acl_set_fd , +.Fn acl_set_fd_np , .Fn acl_set_file , -.Fn acl_set_fd , and -.Fn acl_set_fd_np +.Fn acl_set_link_np , each associate an ACL with an object referred to by .Va fd or .Va path_p . -All except .Fn acl_set_fd_np -are POSIX.1e calls-- +and +.Fn acl_set_link_np +are not POSIX.1e calls. .Fn acl_set_fd allows only the setting of ACLs of type ACL_TYPE_ACCESS where as .Fn acl_set_fd_np allows the setting of ACLs of any type. +.Fn acl_set_link_np +acts on a symlink rather than its target, if the target of the +path is a symlink. .Sh IMPLEMENTATION NOTES .Fx Ns 's support for POSIX.1e interfaces and features is still under @@ -125,5 +135,3 @@ and development continues. .Sh AUTHORS .An Robert N M Watson -.Sh BUGS -These features are not yet fully implemented. ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_set.c#2 (text+ko) ==== @@ -1,7 +1,9 @@ /*- - * Copyright (c) 1999, 2000, 2001 Robert N. M. Watson + * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson * All rights reserved. * + * This software was developed by Robert Watson for the TrustedBSD Project. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -70,6 +72,28 @@ } int +acl_set_link_np(const char *path_p, acl_type_t type, acl_t acl) +{ + int error; + + if (acl == NULL || path_p == NULL) { + errno = EINVAL; + return (-1); + } + if (_posix1e_acl(acl, type)) { + error = _posix1e_acl_sort(acl); + if (error) { + errno = error; + return (-1); + } + } + + acl->ats_cur_entry = 0; + + return (__acl_set_link(path_p, type, &acl->ats_acl)); +} + +int acl_set_fd(int fd, acl_t acl) { int error; ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.3#2 (text+ko) ==== @@ -1,7 +1,9 @@ .\"- -.\" Copyright (c) 2000 Robert N. M. Watson +.\" Copyright (c) 2000, 2002 Robert N. M. Watson .\" All rights reserved. .\" +.\" This software was developed by Robert Watson for the TrustedBSD Project. +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -31,7 +33,8 @@ .Sh NAME .Nm acl_valid , .Nm acl_valid_fd_np , -.Nm acl_valid_file_np +.Nm acl_valid_file_np , +.Nm acl_valid_link_np .Nd validate an ACL .Sh LIBRARY .Lb libc @@ -44,6 +47,8 @@ .Fn acl_valid_fd_np "int fd" "acl_type_t type" "acl_t acl" .Ft int .Fn acl_valid_file_np "const char *path_p" "acl_type_t type" "acl_t acl" +.Ft int +.Fn acl_valid_link_np "const char *path_p" "acl_type_t type" "acl_t acl" .Sh DESCRIPTION These functions check that the ACL referred to by the argument .Va acl @@ -51,13 +56,20 @@ .Fn acl_valid , checks this validity only with POSIX.1e ACL semantics, and irrespective of the context in which the ACL is to be used. The non-portable forms, -.Fn acl_valid_fd_np +.Fn acl_valid_fd_np , +.Fn acl_valid_file_np , and -.Fn acl_valid_file_np , +.Fn acl_valid_link_np allow an ACL to be checked in the context of a specific acl type, .Va type , -and file system object. In environments where additional ACL types are +and file system object. +In environments where additional ACL types are supported than just POSIX.1e, this makes more sense. +Whereas +.Fn acl_valid_file_np +will follow the symlink if the specified path is to a symlink, +.Fn acl_valid_link_np +will not. .Pp For POSIX.1e semantics, the checks include: .Bd -literal -offset indent @@ -140,5 +152,3 @@ and development continues. .Sh AUTHORS .An Robert N M Watson -.Sh BUGS -These features are not yet fully implemented. ==== //depot/projects/trustedbsd/acl/lib/libc/posix1e/acl_valid.c#2 (text+ko) ==== @@ -1,7 +1,9 @@ /*- - * Copyright (c) 1999, 2000, 20001 Robert N. M. Watson + * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson * All rights reserved. * + * This software was developed by Robert Watson for the TrustedBSD Project. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -70,7 +72,6 @@ } } - int acl_valid_file_np(const char *pathp, acl_type_t type, acl_t acl) { @@ -91,6 +92,25 @@ return (__acl_aclcheck_file(pathp, type, &acl->ats_acl)); } +int +acl_valid_link_np(const char *pathp, acl_type_t type, acl_t acl) +{ + int error; + + if (pathp == NULL || acl == NULL) { + errno = EINVAL; + return (-1); + } + if (_posix1e_acl(acl, type)) { + error = _posix1e_acl_sort(acl); + if (error) { + errno = error; + return (-1); + } + } + + return (__acl_aclcheck_link(pathp, type, &acl->ats_acl)); +} int acl_valid_fd_np(int fd, acl_type_t type, acl_t acl) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200212190419.gBJ4JgOK066789>